This article will serve as a guide for anyone who wants to automate installation of the Umbrella module for Cisco Secure Client.
Components and approach
Whether you are installing from the GUI or any other method, a successful installation requires the following:
- (Optional) Uninstallation of previous Roaming Client or AnyConnect
- Installation of Cisco Secure Client
- DART Tool (Recommended)
- Installation of the Umbrella Module
- Umbrella Profile (OrgInfo.plist on Mac and OrgInfo.json on Windows)
Cisco provides precise documentation on how to build the commands to install this. For full documentation on this, see the pre-deployment guide below:
Command line examples - Windows
A common configuration is to deploy the Cisco Secure Client with the Umbrella Module and without the VPN module. If you wanted to to that, these would be the three commands to execute (replacing <version> with the version number in the downloaded MSI file and <log_file_name> with path and file name you'd like to use for the installation log file):
msiexec /package cisco-secure-client-win-<version>-core-vpn-predeploy-k9.msi /norestart /passive PRE_DEPLOY_DISABLE_VPN=1 /lvx* <log_file_name>
msiexec /package cisco-secure-client-win-<version>-umbrella-predeploy-k9.msi /norestart /passive /lvx* <log_file_name>
msiexec /package cisco-secure-client-win-<version>-dart-predeploy-k9.msi /norestart /passive /lvx* <log_file_name>
You will also need your organizations orginfo.json file. You can download this from your dashboard by browsing to Deployments > Core Identities > Roaming Computers > Roaming Client then clicking on Download on top right corner and selecting Download Module Profile.
Once downloaded, copy the OrgInfo.json file into the %ProgramData%\Cisco\Cisco Secure Client\Umbrella folder and restart the services.
There are several optional switches that can be used when installing the Cisco Secure Client and Umbrella Module. Here are some of the most useful:
|The core module includes the VPN capability, even if it is not used. This tells the system to hide the inactive VPN module. This can also be done after installation by following the steps listed here.
|This prevents the Umbrella service from being disabled manually. More information can be found here.
|This will prevent the module from being displayed in the Add/Remove Programs Dialog.
For more information on installation and customization on macOS, see the following page:
The directory locations have changed with Cisco Secure Client.
Cisco Secure Client Directories
C:\Program Files (x86)\Cisco\Cisco Secure Client
C:\ProgramData\Cisco\Cisco Secure Client\Umbrella\
/Applications/Cisco/Cisco Secure Client.app